Aha, sounds like typical (unfortunately), the case of the 'sads' on Ubuntus behalf. This is what unfortunately stops somany people from reporting, just that BIT of acknowledgemnt, even just a thanks on theyre webpage, but instead they people think "oh well, this guy has probably raped 5000 boxes then given us this" , it must be the approach of some companies, or they have very pathetic secteams, (in ubuntus cause, -no comment rofl). anyhow thx for clearing that up. cheers, xd
On 24 September 2011 01:00, Georgi Guninski <[email protected]> wrote: > On Fri, Sep 23, 2011 at 06:32:10AM +1000, GloW - XD wrote: > > So, this is an exploit then ? Or just a broken package ? Some people > would > > simply not understand that,your very techy :P > > Anyhow, making a small .sh file for the bug would be cool.. if there is a > > bug to be had. > > cheers > > > > > > hi GloW, > > the bug appears real to me. ubuntu released an advisory [1] > and debian have a bug [2]. > > ubuntu's advisory moderately hurt my narcissistic ego > by not mentioning my humble name :( > > i suppose they have a corporate policy to give credit to "whores only" > (this might be checked by examining which distros give credit > and which write ``it was discovered'') > > as a minor boost to my narcissistic ego, ubuntu's advisory > didn't contain CVE(R) ID :) > > next time ubuntu hurt my narcissistic ego, i will try the black market for > the bug. > > > [1] > https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001424.html > [2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480 > > -- > joro >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
